Consumers (and potential consumers) of cloud computing services have expressed reluctance to deploy sensitive data and workloads into cloud infrastructures due to concern about the infrastructure's ability to protect their sensitive information. In a cloud environment, this means providing adequate security for the virtualized environment.
For example, in a virtual environment (as most infrastructure as a service (IaaS) deployments are), it is the job of the virtual machine monitor (VMM) to provide security services to the virtual machines (VMs) it is managing. Accordingly, the VMM has a very high asset value since if it is compromised, then security of all the VMs (workloads) that it is monitoring is also compromised.
Technology exists, such as the Intel Trusted eXecution Technology (TXT) that ensures launch time integrity of a VMM. However, there is currently no technology that ensures VMM integrity during runtime. In a typical virtual IaaS environment, launched VMMs may keep running for over a month at a time thereby increasing the vulnerability of this critical asset (VMM).